In this issue

Just a couple fixed this week... Apache wasn't escaping
double quotes (") in URLs, and there was a bug returning URLs
in mod_imap when the URL was a scheme other than http (such
as gopher URLs). Both will be fixed in 1.1.

A whole bunch of new things this week, some from the Apache
core team and some offered as contributions from others.
Here's a list of the major developments...

Cleaning out the magic types

In the current version of Apache, special types of files,
such as CGI scripts and parsed-HTML files, are identified
by using special 'magic' MIME types. For instance, cgi
scripts have the MIME type 'application/x-httpd-cgi'.
Version 1.1 will clean this up by removing these magic
types and instead use a new directive, AddHandler, to
control the processing of special files. This should be
less confusing that the current situation, and will mean
that files can be given extensions to specify both an
action to be applied to it (such as being processed for
server-side-includes) and a MIME type to return it
as. (compare that with the current situation, where, for
example, SSI files are always returned as HTML).

Statistics Module

The statistics module will report on usage of Apache,
giving totals of bytes and files served. It will also show
the current state of the child processes, URLs currently
being processed, and overall server load.

Forcing MIME types

At present, the MIME type of a file (that is, the
information that tells the browser how to display the file)
is set by its extension. A new option will force all
files in a particular directory to be served as a specific
MIME type irrespective of their extensions.

Server Side Includes enhanced

A contributed enhancement to the current mod_include (which
does server-side-includes, or SSIs) has a number of feature
enhancements: conditional inclusion, variables and regular
expression matching.

ErrorDocuments anywhere

The ErrorDocument directive in srm.conf lets you give back
a customised file (or even a cgi) where the request causes
a error, such as file not found. In 1.1 you should be able
to put ErrorDocument directives in .htaccess files.

Postgres Authentication

The existing mod_auth_msql module authenticates users
against a mini
SQL server. A new contributed module does the same
thing for users of
Postgres.

Work on full URI and Hosts from HTTP/1.1

The new spec for HTTP, version 1.1, is still being developed. One of the
areas planned for enhancement over the current version is
allowing virtual hosts to work without the hassle of using
dummy IP addresses. This makes use of either full-URI
requests, where the request contains the hostname that the
request is directed at, and/or the Host: request header.
Work is now underway supporting these enhancements. Version
1.1 of Apache will not claim to be HTTP/1.1 compliant, but
these new features will take it in the right direction.

Starting a perl CGI script from Apache (and other servers)
can be a lot slower than starting compiled programs, such
as those written in C. This is because the perl interpreter
itself has to be loaded and run. But perl is (usually)
easier and quicker to write than C, so it is popular. Now a
contributor has been working on a module that incorporates
a full perl interpreter! This will make perl scripts many
times faster to run.

Name that user

There's been some discussion about how or if Apache should
set the user it is running as when it executes scripts. In
some situations, it would be useful if Apache could run a
script as the owner of the script, rather than as the www
server user or nobody. This could be built into Apache, but
there are security concerns. At the moment, a useful
external wrapper to do this is available in cgiwrap.